Attacks on Web 2.0, Vista OS & Online Games Top Threats for 2008

Security Company McAfee published its top ten online threats for 2008 where attacks on Web 2.0 category of sites were first on the list.

A number of threats McAfee assigns to the functionality of Web 2.0 are poorly designed. Most businesses are not prioritizing online security. Pointing to malware and compromises of MySpace.com, Salesforce.com and Monster.com, Threat Research Manager, Craig Schmugar, at McAfee compared these Web 2.0-based Websites with the treatment during the time of Windows 95 when efforts were on doing things in a new manner rather than focusing on security alone. InformationWeek published this in news on November 15, 2007.

Websites such as MySapce.com have succumbed to their own popularity as their widespread and large growth justifies malware authors targeting on them. The same logic applies to Windows Vista, which McAfee predicts will become a target of even more attacks next year. With just 10% installation until now, Vista is likely to get increased attention from online crooks as its use by businesses and consumers increases.

The growth in the sophistication of botnets also makes an important subject to note. The incredible success of the Storm worm draws attention on its continuous capability to evolve. McAfee has referred to this as polymorphism, meaning that each time the infection repeats, its appearance changes as it shifts to a different executable.

The online gaming is also growing in a similar fashion with its massive user base, McAfee notes. But with that, the password-stealing Trojan programs have taken shape and are a new threat to the innumerable online gamers.

Another area of growth has been in the rise of attacks on Instant Messaging (IM). A 'flash' type of worm spreading via IM hasn't been allowed to come to light for many years and although it may not be active in 2008, the ingredients that make the threat would come together in that year.

The only non-threatening malware is adware. The FTC's regulatory action that effectively stunted adware maker Direct Revenue can be cited as the reason for the decline in the malware from an earlier peak in 2007. Hopefully this trend will continue.